<?php
	//session_start();
	if((!isset($_SESSION['hallpass']))||($_SESSION['hallpass']==false))
	{
		$_SESSION['error'] = "not_auth";
		header('Location: error_page.php');
	}

class Authentication
{
	/**
	 * this is class builder. It execute all the tests and denotes the login status
	 */
	function Authentication()
	{
		if($this->session_check())
			$_SESSION['auth'] = 1;
		else if($this->cookies_check())
			$_SESSION['auth'] = 2;
		else
			$_SESSION['auth'] = 3;
		
	}
	
	//cookie checking
	function cookies_check()
	{
		if(isset($_COOKIE['wt_auth']))
		{
			$_SESSION['last_visit'] = $_COOKIE['wt_auth']; 
			return true;
		}
		return false;
	}
	
	
	
	/**
	 * 
	 * check if user is logged in
	 */
	function session_check()
	{
		//preventing session hijacking
		if((!isset($_SESSION['hijack']))||($_SESSION['hijack']!=$_COOKIE['wt_cake']))
		{
			
			$_SESSION['error'] = "hijacking";
			header('Location: error_page.php');
			return false;
		}
		//if user already logged in
		if(isset($_SESSION['login']) && ($_SESSION['login']==1))
			return true;
			
		return false;
	}
	
	
	function authenticate()
	{
		if($_SESSION['auth']==1)
		{
			echo "you got in with session";
			echo "<br>";
		}
		if($_SESSION['auth']==2)
		{
			echo "you got in with cookies";
			echo "<br>";
		}
		if($_SESSION['auth']==3)//user is not loggedin
		{
			echo "you are an idiot";
			echo "<br>";
			header('Location: login_form.php');
		}
		
	}
	

	
	function login_auth()
	{
		if($_SESSION['auth']!=3)
		{
			echo "you are already logged in";
			echo "<br>";
			header('Location: index.php');
		}
	}
	
	

	
}

?>